CVE-2019-17144

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

openSUSE Security Advisory (openSUSE-SU-2024:0052-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : bitcoin (openSUSE-SU-2024:0052-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2024:0052-1 advisory. - Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote...

CVE-2019-17144

creationtimestamp| type| source ---|---|--- 2024-01-29 07:41:57+00:00| seen| https://t.me/ctinow/175092...

CVE-2022-37350

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVE-2022-37350

CVE-2022-37350 affects PDF-XChange Editor. The root cause is a vulnerability in the handling of Collab objects, where performing actions in JavaScript can trigger a read past the end of an allocated buffer, enabling remote code execution in the context of the current process. Exploitation require...

CVE-2022-37350

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Mageia: Security Advisory (MGASA-2018-0415)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NSA, FBI Reveal Hacking Methods Used by Russian Military Hackers

An ongoing brute-force attack campaign targeting enterprise cloud environments has been spearheaded by the Russian military intelligence since mid-2019, according to a joint advisory published by intelligence agencies in the U.K. and U.S. The National Security Agency NSA, Cybersecurity and...

Exploit for Deserialization of Untrusted Data in Microsoft

This is a weaponized tool for exploiting the Microsoft Exchange 2010 MRM.AutoTag.Model unsafe deserialize vulnerability, identified as CVE-2020-17144. The tool is written in C and uses the .NET framework 3.5. The tool consists of two files: e.cs and cve-2020-17144.cs. The e.cs file is a simple C...

CVE-2020-17144

creationtimestamp| type| source ---|---|--- 2020-12-14 03:51:28+00:00| published-proof-of-concept| Telegram/hNqHHYmUZ3qL9V1jnqUDMQ7sYfirC6K-HnBKeCLBDTbA 2021-07-02 06:58:55+00:00| seen| MISP/d11a348d-a113-494f-bb63-24caad723c86 2021-11-08 08:58:18+00:00| seen|...

CVE-2020-17144

Microsoft Exchange Remote Code Execution Vulnerability...

CVE-2020-17144 Microsoft Exchange Remote Code Execution Vulnerability

...

CVE-2020-17144

CVE-2020-17144 is a deserialization vulnerability in Microsoft Exchange Server 2010 (MRM.AutoTag.Model) that can enable remote code execution. Public details from Attackerkb indicate exploitation requires authentication (e.g., via OWA EWS) and can execute OS commands with SYSTEM-level privileges;...

Exploit for Deserialization of Untrusted Data in Microsoft

weaponized tool for CVE-2020-17144Microsoft Exchange 2010 MR...

Description of the security update for Microsoft Exchange Server 2010 Service Pack 3: December 8, 2020

Description of the security update for Microsoft Exchange Server 2010 Service Pack 3: December 8, 2020 This update rollup is a security update that provides a security advisory in Microsoft Exchange. To learn more about these vulnerabilities, see the following Common Vulnerabilities and Exposures...

KLA12022 Multiple vulnerabilities in Microsoft Server Software

Multiple vulnerabilities were found in Microsoft Server Software. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Microsoft Exchange can be exploited...

Microsoft Exchange Memory Corruption (CVE-2020-17144)

A memory corruption vulnerability exists in Microsoft Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Security Update for Microsoft Exchange Server 2010 SP 3 (December 2020)

The Microsoft Exchange Server installed on the remote host is missing a security update. It is, therefore, affected by a vulnerability: - A remote code execution vulnerability. An attacker could exploit this to execute unauthorized arbitrary code. CVE-2020-17144 %NASLMINLEVEL 70300 C Tenable...

CVE-2019-17144

CVE-2019-17144 affects Foxit PhantomPDF 9.6.0.25114. The flaw is in DWG-to-PDF conversion due to improper validation, causing an out-of-bounds write that can let an attacker execute code in the target process. Exploitation requires user interaction (visiting a malicious page or opening a maliciou...